$ rpki-client -vvf rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft File: khdBhFmoypIuDWajy6pAZyDLSJA.mft (raw, json) Hash identifier: Pkc3YBt9vgkYWuKoWla0lIzmfCU28ROd2A0ipHV7Dy4= Subject key identifier: F0:8E:78:67:A0:94:DB:57:FB:B3:80:4E:BC:9B:AB:12:08:26:AE:43 Authority key identifier: 92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 Certificate issuer: /CN=A9137B39/serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Certificate serial: 03F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft Manifest number: 03E8 Signing time: Mon 03 Nov 2025 00:32:51 +0000 Manifest this update: Mon 03 Nov 2025 00:32:50 +0000 Manifest next update: Mon 10 Nov 2025 00:32:50 +0000 Files and hashes: 1: khdBhFmoypIuDWajy6pAZyDLSJA.crl (hash: N65uAOrF0MS8MouJYo4XUFgsTPyBFS3k/qvhvmajP24=) 2: EA8F3FAE6F8611F0BA25F244C4F9AE02.roa (hash: YTSXljO/yVhvQBHJezR7ssdww+GXbQn8v2AKybIkw9k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:32:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1009 (0x3f1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9137B39, serialNumber=9217418459A8CA922E0D66A3CBAA406720CB4890 Validity Not Before: Nov 3 00:32:50 2025 GMT Not After : Nov 10 00:32:50 2025 GMT Subject: CN=6907f833-9ba2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e2:04:95:8f:14:ce:5f:6d:be:16:25:d9:fb: a8:b3:57:62:c3:17:6b:5b:a3:55:c5:d0:1d:e3:ef: ab:4c:1b:79:e2:5d:70:a8:7e:24:41:0b:b7:c7:f1: cc:a3:00:53:3f:ad:fd:9d:5b:46:7a:ee:9b:91:33: f5:d5:c6:27:b5:ae:c5:35:7f:53:18:33:a2:b1:28: 42:c6:b2:28:79:79:65:34:7e:62:b1:f1:d4:f5:81: 8a:b8:1e:fe:70:54:1d:00:9c:f6:3e:cd:ec:bc:37: d3:c5:03:83:cc:e4:d3:5e:a3:46:74:7a:44:c5:e2: 8c:84:8b:05:17:f2:03:0c:31:60:a4:38:74:f7:6c: 96:e3:94:99:61:e0:c6:cf:a5:67:3d:8e:67:38:9e: ec:07:23:cf:21:07:42:56:d6:1e:dc:98:7f:14:61: ae:8a:1b:50:8e:89:6a:e4:3b:64:b6:38:38:a3:a0: 67:5f:1c:5a:f8:e2:e5:10:ad:1e:21:7e:fb:48:6e: 09:fb:fd:8e:44:49:14:c0:ae:41:fb:df:de:74:c5: 87:c5:12:f4:5a:f5:81:8f:29:08:19:e4:e9:01:24: d2:07:a1:bd:f3:80:87:33:a5:4a:25:6b:98:67:ad: 96:e2:ea:04:1a:d5:d0:73:05:0b:00:c8:9d:cb:ac: de:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:8E:78:67:A0:94:DB:57:FB:B3:80:4E:BC:9B:AB:12:08:26:AE:43 X509v3 Authority Key Identifier: keyid:92:17:41:84:59:A8:CA:92:2E:0D:66:A3:CB:AA:40:67:20:CB:48:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/khdBhFmoypIuDWajy6pAZyDLSJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9137B39/A7599D7AA03511EC82255D3AC4F9AE02/khdBhFmoypIuDWajy6pAZyDLSJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:61:17:a3:53:3d:b3:47:be:ee:0c:ca:26:5c:a8:ee:7a:72: e0:ab:d6:53:42:d0:5a:40:74:5a:1e:c8:0a:cc:92:0c:4e:ae: b5:0a:b3:d3:09:94:d4:33:d0:57:88:77:8d:1f:3a:3a:ad:e9: a0:7d:06:30:fa:34:35:db:51:ca:40:e0:53:57:2b:19:60:7f: 0a:7c:9f:61:26:2e:16:5a:a8:c0:bf:bc:54:91:b9:61:8a:b5: 97:07:5b:3f:c0:50:de:8c:a4:29:37:ca:ef:02:ea:cd:ea:1b: 51:e4:bf:5a:29:c3:cc:4a:cb:31:e6:c4:ff:20:35:b1:92:26: 81:34:7d:25:4d:1d:c7:20:16:0f:69:b1:6b:c5:23:bc:c0:6e: 52:b5:88:34:54:22:29:f0:53:82:01:ce:a6:bf:28:2f:32:3f: 9e:2b:2e:93:85:84:d8:50:8f:2c:6e:6c:e8:12:ab:a1:82:d4: fe:6c:50:7a:1a:0b:c7:91:9f:23:06:ff:4a:9f:bc:35:dc:60: 90:d9:0e:02:a4:ba:9f:a2:22:a5:1c:9e:a3:a6:36:50:c5:2f: 07:ec:d1:db:51:96:ae:79:5c:fe:01:31:38:0a:03:3b:37:b3: 0d:77:a7:a9:10:4b:0c:92:5f:ec:b9:af:86:9d:49:4f:a9:ca: 23:ab:76:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA/EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzdCMzkxMTAvBgNVBAUTKDkyMTc0MTg0NTlBOENBOTIyRTBENjZBM0NCQUE0MDY3 MjBDQjQ4OTAwHhcNMjUxMTAzMDAzMjUwWhcNMjUxMTEwMDAzMjUwWjAYMRYwFAYD VQQDEw02OTA3ZjgzMy05YmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqeIElY8Uzl9tvhYl2fuos1diwxdrW6NVxdAd4++rTBt54l1wqH4kQQu3x/HM owBTP639nVtGeu6bkTP11cYnta7FNX9TGDOisShCxrIoeXllNH5isfHU9YGKuB7+ cFQdAJz2Ps3svDfTxQODzOTTXqNGdHpExeKMhIsFF/IDDDFgpDh092yW45SZYeDG z6VnPY5nOJ7sByPPIQdCVtYe3Jh/FGGuihtQjolq5Dtktjg4o6BnXxxa+OLlEK0e IX77SG4J+/2OREkUwK5B+9/edMWHxRL0WvWBjykIGeTpASTSB6G984CHM6VKJWuY Z62W4uoEGtXQcwULAMidy6zeewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPCOeGeg lNtX+7OATrybqxIIJq5DMB8GA1UdIwQYMBaAFJIXQYRZqMqSLg1mo8uqQGcgy0iQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzN0IzOS9BNzU5OUQ3QUEw MzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lwSXVEV2FqeTZwQVp5RExT SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2toZEJoRm1veXBJdURXYWp5NnBBWnlETFNKQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz N0IzOS9BNzU5OUQ3QUEwMzUxMUVDODIyNTVEM0FDNEY5QUUwMi9raGRCaEZtb3lw SXVEV2FqeTZwQVp5RExTSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiYRejUz2zR77uDMomXKjuenLgq9ZTQtBaQHRaHsgKzJIMTq61CrPT CZTUM9BXiHeNHzo6remgfQYw+jQ121HKQOBTVysZYH8KfJ9hJi4WWqjAv7xUkblh irWXB1s/wFDejKQpN8rvAurN6htR5L9aKcPMSssx5sT/IDWxkiaBNH0lTR3HIBYP abFrxSO8wG5StYg0VCIp8FOCAc6mvygvMj+eKy6ThYTYUI8sbmzoEquhgtT+bFB6 GgvHkZ8jBv9Kn7w13GCQ2Q4CpLqfoiKlHJ6jpjZQxS8H7NHbUZaueVz+ATE4CgM7 N7MNd6epEEsMkl/sua+GnUlPqcojq3aR -----END CERTIFICATE-----Generated at Tue Nov 4 21:36:14 2025 by rpki-client